AI infrastructure security assessment tool designed to discover and detect potential security risks in AI systems.

Tencent/AI-Infra-Guard

🛡️ AI Infrastructure Security Assessment System

Chinese version

AI Infra Guard is an efficient, lightweight, and user-friendly AI infrastructure security assessment tool designed to discover and detect potential security risks in AI systems.

🚀 Project Highlights

  • Efficient Scanning

    • Supports fingerprint identification of 28 AI frameworks
    • Covers 200+ security vulnerability databases
  • Easy to Use

    • Ready to use out of the box, no complex configuration
    • Fingerprint and vulnerability YAML rule definitions
    • Flexible matching syntax
  • Lightweight

    • Clean and efficient core components
    • Small binary size, low resource usage
    • Cross-platform support

📊 AI Component Coverage

Component Name Vulnerability Count
anythingllm 8
langchain 21
Chuanhugpt 0
comfy_mtb 1
ComfyUI-Prompt-Preview 1
ComfyUI-Custom-Scripts 1
comfyui 2
dify 0
fastchat-webui 0
fastchat 0
feast 0
gradio 41
jupyterlab 4
jupyter-notebook 1
jupyter-server 7
kubeflow 4
kubepi 5
llamafactory 1
ollama 5
open-webui 1
pyload-ng 18
qanything 2
ragflow 1
ray 3
tensorboard 0
vllm 3
xinference 0

🚀 Quick Preview

Quick Usage

[Image: AI Security Scanner Demo]

AI Analysis

[Image: AI Security Scanner AI Analysis Demo]

📦 Installation and Usage

Installation

Download from: https://github.com/Tencent/AI-Infra-Guard/releases

Usage

Single Target

./ai-infra-guard -target [IP/Domain] 

Multiple Targets

./ai-infra-guard -target [IP/Domain] -target [IP/Domain]

Read from File

./ai-infra-guard -file target.txt

AI Analysis

./ai-infra-guard -target [IP/Domain] -ai -token [Hunyuan token]

🔍 Fingerprint Matching Rules

AI Infra Guard identifies components by web fingerprinting. Fingerprint rules are in the data/fingerprints directory, and vulnerability matching rules are in the data/vuln directory.

Example: Gradio Fingerprint Rule

info:
  name: gradio
  author: Security Team
  severity: info
  metadata:
    product: gradio
    vendor: gradio
http:
  - method: GET
    path: '/'
    matchers:
      - body="<script>window.gradio_config = {" || body="document.getElementsByTagName(\"gradio-app\");"

🛠️ Fingerprint Matching Syntax

Matching Locations

  • Title
  • Body
  • Header
  • Icon hash

Logical Operators

  • = Fuzzy match
  • == Exact match
  • != Not equal
  • ~= Regular expression match
  • && AND
  • || OR
  • () Grouping
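
To show how a matcher line built from these operators is read, here is a small evaluator run against a constructed response. It is an added example, not AI Infra Guard's own code. It assumes that "=" is a case-insensitive substring test, that && binds tighter than ||, and that fields other than body use lowercase names such as title; the evaluate and tokenize helpers are hypothetical.

```python
import re
# Assumed semantics (the page does not spell them out): "=" is a case-insensitive
# substring test, "&&" binds tighter than "||", field names are the dict's keys.
TOKEN = re.compile(r'\s*("(?:\\.|[^"\\])*"|==|!=|~=|=|&&|\|\||[()]|[A-Za-z_]+)')
OPS = {
    "=": lambda value, lit: lit.lower() in value.lower(),
    "==": lambda value, lit: value == lit,
    "!=": lambda value, lit: value != lit,
    "~=": lambda value, lit: re.search(lit, value) is not None,
}

def tokenize(expr):
    expr, pos, tokens = expr.strip(), 0, []
    while pos < len(expr):
        if not (m := TOKEN.match(expr, pos)):
            raise ValueError(f"bad matcher syntax at offset {pos}")
        tokens.append(m.group(1))
        pos = m.end()
    return tokens

def evaluate(expr, response):                # response: dict of field name -> text
    toks = tokenize(expr)[::-1]              # reversed, so pop() yields the next token
    take = lambda: toks.pop() if toks else None
    def term():                              # "(" expr ")"  |  field op "literal"
        tok = take()
        if tok == "(":
            result = level("||")
            if take() != ")":
                raise ValueError("missing ')'")
            return result
        op, lit = take(), take()
        if tok not in response or op not in OPS or not (lit or "").startswith('"'):
            raise ValueError(f"bad comparison near {tok!r}")
        return OPS[op](response[tok], re.sub(r'\\(["\\])', r"\1", lit[1:-1]))
    def level(op):                           # "||" chains of "&&" chains of terms
        operand = term if op == "&&" else (lambda: level("&&"))
        result = operand()
        while toks[-1:] == [op]:             # next token is this level's operator
            take()
            rhs = operand()                  # parse the right side even if result is settled
            result = (result and rhs) if op == "&&" else (result or rhs)
        return result
    result = level("||")
    if toks:
        raise ValueError(f"unexpected token {toks[-1]!r}")
    return result

# Constructed inputs: the Gradio rule from the page and a made-up response.
GRADIO_RULE = r'body="<script>window.gradio_config = {" || body="document.getElementsByTagName(\"gradio-app\");"'
GRADIO_PAGE = {"title": "Gradio", "body": '<script>window.gradio_config = {"version": "0.0.0"};</script>'}
```

Calling evaluate(GRADIO_RULE, GRADIO_PAGE) returns True, which is a quick way to check whether a page served by your own deployment would be recognised by a given rule.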

🤝 Contributing

Community contributions are highly welcome! Feel free to submit PRs and Issues.

📄 License

"AI Infra Guard" is licensed under the MIT License, except for third-party components. See License.txt.


💡 Tip: Stay updated to protect your AI infrastructure security!
